class SesionController < ApplicationController
  skip_before_filter :authorize

  def create
    if cliente = Cliente.authenticate(params[:correo], 
      params[:password])
      session[:cliente_id] = cliente.id
      session[:cliente_admin] = cliente.is_admin
      cart = Carrito.find_by_cliente_id(cliente.id)
      session[:cart_id] = cart.id
      
      carritos = Carrito.find_all_by_cliente_id(nil) 
      carritos.each do |carrito|
        carrito.destroy
      end

      redirect_to sesion_url, :notice => "Sesion Iniciada"
    else
      redirect_to acceder_url, 
            :notice => "Invalida combinacion de Usuario/Contrase\u00F1a"
    end
  end

  def destroy
    session[:cart_id] = nil
    current_cart
    session[:cliente_id] = nil
    session[:cliente_admin] = nil
    redirect_to tienda_url, :notice => "Sesion Cerrada"
  end
end
